37 matches found
Remote Code Execution (RCE)
opensysusers is vulnerable to denial of service. It does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
DEBIAN-CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
Command injection
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
UBUNTU-CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
opensysusers 代码注入漏洞
opensysusers is an open source package. It is an alternative implementation of systemd-sysusers that can be run on systems with or without systemd installed. A code injection vulnerability exists in versions of opensysusers prior to 0.6, which poses a security risk primarily due to the use of...
openSUSE: Security Advisory for git (openSUSE-SU-2021:2555-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:2555-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2021:2555-1 Security update for git
This update for git fixes the following issues: Update from version 2.26.2 to version 2.31.1 jscSLE-18152 Security fixes: - CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS,...
Security update for git (moderate)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2021:2555-1 Rating: moderate References: 1168930 1183026 1183580 SLE-17838 SLE-18152 Cross-References: CVE-2021-21300 CVSS scores: CVE-2021-21300 NVD : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-21300...
SUSE: Security Advisory (SUSE-SU-2021:2423-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:2031-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:2031-1)
This update for systemd provides several fixes and enhancements. Security issues fixed : - CVE-2017-9217: NULL pointer dereferencing that could lead to resolved aborting. bsc1040614 - CVE-2017-9445: Possible out-of-bounds write triggered by a specially crafted TCP payload from a DNS server...
SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2017:1773-1)
This update for systemd fixes the following issues: Security issue fixed : - CVE-2017-9217: resolved: Fix NULL pointer p-question dereferencing that could lead to resolved aborting bsc1040614 The update also fixed several non-security bugs : - core/mount: Use the '-c' flag to not canonicalize pat...